An employee at a healthcare facility frequently enters patient data into a centralized system at a workstation located in a semi-public area of the hospital. Considering the risk of shoulder surfing, which of the following practices should be implemented to secure patient confidentiality?
Enable two-factor authentication for system login
Install a privacy screen on the workstation monitor
Using a privacy screen is a correct practice to prevent shoulder surfing because it narrows the viewing angle of a computer monitor, which minimizes the chance of unauthorized individuals seeing confidential information from a side angle. Changing passwords regularly, while a good security practice, does not prevent shoulder surfing. Using two-factor authentication enhances account security but would not prevent the visual disclosure of on-screen data. Encryption secures data at rest and in transit but does not shield on-screen information from being viewed over the shoulder.